PR for Linux Users #1

Merged
merged 2 commits into from
Mar 12, 2023
65 changes: 33 additions & 32 deletions bf-aws-permissions.sh
@@ -14,6 +14,7 @@ trap handle_sigint SIGINT

# Set default values for the options
profile="default"
verbose=0

HELP_MESSAGE="Usage: $0 [-p profile] \n"\
"Set the region in the profile you want to test."
@@ -45,27 +46,26 @@ done

# Read the file line by line
get_aws_services(){
# Set the start and end strings
start_string="AVAILABLE SERVICES"
end_string="SEE ALSO"

# Set a flag to track if we're in the target range
in_range=false

aws help | while read line; do
if [[ "$line" == *"$start_string"* ]]; then
# Found the start string
in_range=true
elif [[ "$line" == *"$end_string"* ]]; then
# Found the end string
in_range=false
fi

if [ "$in_range" == true ] && [ "$line" ] && echo "$line" | grep -qv "AVAILABLE SERVICES"; then
# We're in the target range, so echo the line
echo "$line" | awk '{print $2}'
fi
done
# Set the start and end strings
start_string="SERVICES"
end_string="SEE"
point="o"
in_range=false

for line in $(aws help | col -b); do
if [[ "$start_string" == *"$line"* ]]; then
# Found the start string
in_range=true
elif [[ "$end_string" == *"$line"* ]]; then
# Found the end string
in_range=false
fi

if [[ $in_range == true ]] && [[ "$line" != *"$point"* ]] && echo "$line" | grep -qv "SERVICES"; then
# We're in the target range, so echo the line
echo $line
fi
done
}


@@ -74,40 +74,41 @@ get_commands_for_service() {
service=$1

# Set the start and end strings
start_string="AVAILABLE COMMANDS"
end_string="SEE ALSO"
start_string="COMMANDS"
end_string="SEE"

# Set a flag to track if we're in the target range
in_range=false

aws "$service" help | while read line; do
if [[ "$line" == *"$start_string"* ]]; then
for line in $(aws "$service" help | col -b); do
#echo $line
if [[ "$start_string" == *"$line"* ]]; then
# Found the start string
in_range=true
elif [[ "$line" == *"$end_string"* ]]; then
elif [[ "$end_string" == *"$line"* ]]; then
# Found the end string
in_range=false
fi

if [ "$in_range" == true ] && [ "$line" ] && echo "$line" | awk '{print $2}' | grep -Eq "^list|^describe|^get"; then
if [ "$in_range" == true ] && [ "$line" ] && echo "$line" | grep -Eq "^list|^describe|^get"; then
# We're in the target range, so echo the line
echo $line | awk '{print $2}' | sort -u
echo $line
fi
done
}

# Test aws command
test_command() {
service=$1
command=$2

echo -ne "Testing: aws --profile \"$profile\" $service $command \r"

aws --cli-connect-timeout 20 --profile "$profile" "$service" "$command" >/dev/null 2>&1


# for extended ouput use --> aws --cli-connect-timeout 20 --profile "$profile" "$service" "$command" 2>/dev/null

if [ $? -eq 0 ]; then
echo ""
echo "[+] You have permissions to execute: aws --profile $profile $service $command"
echo ""
fi
}
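Review bot: In the new `get_aws_services` loop the filter `[[ "$line" != *"$point"* ]]` with `point="o"` rejects every token that contains the letter o, not only the bullet marker. Service names such as `cloudformation` or `route53` would be dropped, leaving the permission report silently incomplete; compare for equality instead, `[[ "$line" != "$point" ]]`. The range markers in this loop and in the `get_commands_for_service` loop are also tested the wrong way round: `[[ "$start_string" == *"$line"* ]]` asks whether the current word is a substring of `SERVICES`, `COMMANDS` or `SEE`, so a short word such as `S` or `AND` can toggle `in_range`, whereas `[[ "$line" == "$start_string" ]]` and `[[ "$line" == "$end_string" ]]` state the intent. Because `for line in $(…)` and `echo $line` leave the expansion unquoted, a token containing a glob character would be expanded against the working directory, so `set -f` before the loops (or a `while read -r` over the piped output) and `echo "$line"` would be safer.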
